Create an MIT Kerberos provider and join a realm

You join a realm automatically as you create an MIT Kerberos provider. A realm defines a domain within which the authentication for a specific user or service takes place.

Before you begin

You must be a member of the SecurityAdmin role to view and access the Create a Kerberos Provider button and perform the tasks described in this procedure.


  1. Click Access > Authentication Providers > Kerberos Provider.
  2. Click Create a Kerberos Provider.
  3. In the User field, type a user name who has the permission to create service principal names (SPNs) in the Kerberos realm.
  4. In the Password field, type the password for the user.
  5. From the Realm list, select the realm that you want to join. The realm must already be configured on the system.
  6. From the Groupnet list, select the groupnet the authentication provider will reference.
  7. From the Service Principal Name (SPN) Management area, select one of the following options to be used for managing SPNs:
    • Use recommended SPNs
    • Manually associate SPNs

      If you select this option, type at least one SPN in the format service/principal@realm to manually associate it with the realm.

  8. Click Create Provider and Join Realm.